Article 5B3Z3 iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever

iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever

by
Dan Goodin
from Ars Technica - All content on (#5B3Z3)
iPhone-12-Pro-Max-screen-800x531.jpeg

Enlarge / That's a lot of screen. (credit: Samuel Axon)

Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device-over Wi-Fi, with no user interaction required at all. Oh, and exploits were wormable-meaning radio-proximity exploits could spread from one nearby device to another, once again, with no user interaction needed.

This Wi-Fi packet of death exploit was devised by Ian Beer, a researcher at Project Zero, Google's vulnerability research arm. In a 30,000-word post published on Tuesday afternoon, Beer described the vulnerability and the proof-of-concept exploit he spent six months developing single-handedly. Almost immediately, fellow security researchers took notice.

Beware of dodgy Wi-Fi packets

This is a fantastic piece of work," Chris Evans, a semi-retired security researcher and executive and the founder of Project Zero, said in an interview. It really is pretty serious. The fact you don't have to really interact with your phone for this to be set off on you is really quite scary. This attack is just you're walking along, the phone is in your pocket, and over Wi-Fi someone just worms in with some dodgy Wi-Fi packets."

Read 6 remaining paragraphs | Comments

index?i=4pZeWYGPBS0:JCnqwO98g7s:V_sGLiPB index?i=4pZeWYGPBS0:JCnqwO98g7s:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments